Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Red Hat: RHSA-1999:022-02 Critical: Samba Buffer Overflow Issue

red hat
Calendar Grey December 7, 1999
Dist Redhat Esm H88
Updated Samba release tackles severe vulnerabilities in Red Hat environments, featuring patches for denial-of-service attacks and buffer overflow issues.
Samba 2.0.5a has been released

Solution



Install the updated RPMs, and restart the affected services by

running:


For each RPM for your particular architecture:


rpm -Uvh filename


where filename is the name of the RPM.


Then run:


/etc/rc.d/init.d/smb restart

9. Verification:


 MD5 sum                           Package Name


 5167d97fb2f0949991555a3b8e86d509  samba-2.0.5a-1.i386.rpm

 969d609925bc09f9c113907124828dc6  samba-client-2.0.5a-1.i386.rpm

 d8091f3fa0aeda8febf3553d5b92f53f  samba-2.0.5a-1.alpha.rpm

 99f334ef87347877d1b79d4801044547  samba-client-2.0.5a-1.alpha.rpm

 58b1afe4c81028435e6cad1325d4bbee  samba-2.0.5a-1.sparc.rpm

 6e3939fcebba7ace639b766b1cf36cab  samba-client-2.0.5a-1.sparc.rpm

 5c87d78148a8a224e5f89e5dce9af1ae  samba-2.0.5a-1.src.rpm

These packages are also PGP signed by Red Hat Inc. for security. Our

key is available at:




You can verify each package with the following command:

rpm --checksig


If you only wish to verify that each package has not been corrupted o

tampered with, examine only the md5sum with the following command:

rpm --checksig --nopgp

Summary

Topics%20covered

Topics Covered

security advisory security issue Red Hat buffer overflow critical DoS samba

References

<19990721023513z12865037-4222+1570@samba.anu.edu.au> 19990721023513z12865037-4222+1570@samba.anu.edu.au


Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Topic

Topics%20covered

Topics Covered

security advisory security issue Red Hat buffer overflow critical DoS samba

Relevant Releases Architectures

Red Hat Linux 6.0, all architectures

4. Obsoleted by:

None

5. Conflicts with:

The smbmount code shipped with Samba 2.0 is only compatible

with the Linux 2.2 kernel, so it has not been built for

the Red Hat Linux 4.2 and 5.2 releases. If smbmount

support for the 2.2 kernel is needed under Red Hat Linux

4.2 or 5.2, the source RPM can be rebuilt with the following

command line (RPM version 3.0 is required):

rpm --define "KERN22 yes" --rebuild samba-2.0.5a-.src.rpm

The samba package shipped with Red Hat Linux 6.0 (samba-2.0.3-8)

has an erroneous post-uninstall script. If this package is upgraded

to the errata release, it could cause /var/log/samba and

/var/lock/samba to be missing. It is recommended that users

of samba under Red Hat Linux 6.0 uninstall the previous release

using 'rpm -e samba' before installing the errata release.

6. RPMs required:

Intel:

samba-

2.0.5a-1.i386.rpm

samba-client-2.0.5a-1.i386.rpm

Alpha:

samba-

2.0.5a-1.alpha.rpm

samba-client-2.0.5a-1.alpha.rpm

SPARC:

samba-

2.0.5a-1.sparc.rpm

samba-client-2.0.5a-1.sparc.rpm

Source:

samba-

2.0.5a-1.src.rpm

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here